Calling PowerShell from a Sumo Logic Script Source

By default, Sumo Logic does not come with a PowerShell command option. To properly run a PowerShell script from within a Sumo Logic Script Source, we need to make sure that the Collector knows to use the PowerShell command to run the script. We also need to supply some formatting options for the resulting script output.

In the Sumo Logic Script Source configuration, select the "Type the script to execute" option. This allows you to use the PowerShell interpreter to run the command.

Within the text box, enter the full command to run the script. This includes powershell.exe, the script to run, and the additional parameter "-inputformat none", which describes the format of data sent to Windows PowerShell.

NOTE: There is a known issue that can cause PowerShell to hang in some cases. Adding the "-inputformat none" option keeps this issue from occurring and allows the script to run properly.

Set the Working Directory to a path with access to powershell.exe.

Lastly, when a script runs in Windows it may output the original script call as a message. Add an Exclude Filter to the Source configuration to prevent sending these lines to Sumo Logic. Using our sample command above, a working exclude filter would be:
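
As an added example (not from the original article or from Sumo Logic), this PowerShell pre-flight check runs a command line of the form described above with stdin redirected and never written to. It fails if the command does not exit within a timeout, and shows which output lines a full-line exclude regex would drop. The script path, timeout, regex, and the use of redirected stdin to approximate how the Collector launches the command are all assumptions.

```powershell
# Added example: pre-flight check for a Script Source command line.
# Assumptions (not from the article): script path, timeout, regex, and that a
# redirected, never-written stdin approximates how the Collector starts the command.
param(
    [string]$ScriptPath   = 'C:\scripts\example.ps1',  # hypothetical script
    [int]$TimeoutSec      = 30,                         # constructed value
    [string]$ExcludeRegex = '.*powershell\.exe.*'       # constructed filter
)

$exe = (Get-Command powershell.exe -ErrorAction Stop).Path
$psi = New-Object System.Diagnostics.ProcessStartInfo
$psi.FileName               = $exe
$psi.Arguments              = "-InputFormat None -File `"$ScriptPath`""
$psi.WorkingDirectory       = Split-Path -Parent $exe  # a path with access to powershell.exe
$psi.UseShellExecute        = $false
$psi.RedirectStandardInput  = $true   # stdin is a pipe that is never written or closed
$psi.RedirectStandardOutput = $true
$psi.RedirectStandardError  = $true
$psi.CreateNoWindow         = $true

$proc = [System.Diagnostics.Process]::Start($psi)
# Read both streams asynchronously so a full pipe buffer cannot block the child.
$outTask = $proc.StandardOutput.ReadToEndAsync()
$errTask = $proc.StandardError.ReadToEndAsync()

if (-not $proc.WaitForExit($TimeoutSec * 1000)) {
    $proc.Kill()
    throw "No exit within $TimeoutSec s: the command appears to hang."
}
$proc.WaitForExit()   # let the async readers drain

$lines = @($outTask.Result -split "`r?`n" | Where-Object { $_ -ne '' })
# Full-line match, as an assumption about how the exclude filter is applied.
$dropped = @($lines | Where-Object { $_ -match "^(?:$ExcludeRegex)$" })
$kept    = @($lines | Where-Object { $_ -notmatch "^(?:$ExcludeRegex)$" })

"Exit code : $($proc.ExitCode)"
"Dropped   : $($dropped.Count) line(s) matching the exclude regex"
"Forwarded : $($kept.Count) line(s)"
$kept
if ($errTask.Result) { Write-Warning "stderr: $($errTask.Result.Trim())" }
```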
